I looking for something to find attackers ip and block it in firewall. I use shorewall, and I just installed snort, but I can not find anything about how to talk snort with shorewall, like if snort will find attacker ips say HEY SHOREWALL BLOCK IT "DO IT DO IT...!" and plus some notification would be awesome. I find snortsam but there is no how to install it on gentoo, I found also snort_inline but seems is not a snort actually separate package.
thanks for help